Improving Cybersecurity Through Enhanced Security Disclosure

Stakeholders involved in the National Telecommunications & Information Administration's cybersecurity multistakeholder process to promote collaboration on vulnerability research disclosure today are releasing initial findings, recommendations, and resources that they hope will enhance cooperation and lead to a more secure digital ecosystem. The three stakeholder-drafted reports reflect the experience and wisdom of many of the key experts in the field, including active security researchers, experienced software companies, security companies, academics, and civil society advocates, as well as industries new to the issue. At the last meeting of NTIA's vulnerability disclosure process in November 2016, the three working groups presented their work for comment and discussion and agreed to make public a portion of their work for consideration and use.